Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Jan 31 10:50
    eromang opened #19
  • Jan 25 10:10
    adulau commented #285
  • Jan 25 10:10

    adulau on main

    update taxonomies guide (add hi… Merge pull request #285 from De… (compare)

  • Jan 25 10:10
    adulau closed #285
  • Jan 25 08:35
    Delta-Sierra opened #285
  • Dec 30 2022 15:39
    adulau commented #18
  • Dec 30 2022 15:39

    adulau on master

    Update information_sharing_dora… Merge pull request #18 from lde… (compare)

  • Dec 30 2022 15:39
    adulau closed #18
  • Dec 30 2022 09:39
    ldelavaissiere opened #18
  • Dec 08 2022 08:58

    adulau on main

    chg: [README] updated (compare)

  • Nov 12 2022 11:50
    adulau commented #17
  • Nov 12 2022 11:50

    adulau on master

    Update README.md Proposal to l… Merge pull request #17 from lde… (compare)

  • Nov 12 2022 11:50
    adulau closed #17
  • Nov 12 2022 11:49
    ldelavaissiere opened #17
  • Nov 12 2022 11:46
    iglocska commented #16
  • Nov 12 2022 11:36
    ldelavaissiere commented #16
  • Nov 12 2022 11:35
    adulau commented #16
  • Nov 12 2022 11:35
    adulau closed #16
  • Nov 12 2022 11:35

    adulau on master

    Create information_sharing_dora… Merge pull request #16 from lde… (compare)

  • Nov 12 2022 11:28
    ldelavaissiere opened #16
andras
@andras:matrix.circl.lu
[m]
in the plugin itself
after this line:
GV-007
@GV-007
@andras:matrix.circl.lu I am not a programmer, so not sure how to craft the query...
you can get the full contents of the userinfo via $oidc->requestUserInfo();
it might make sense to grab that and log it
just to make sure that OneLogin actually includes the roles
GV-007
@GV-007
OK, I just add that line and then log: $this->log($oidc, "oidc_log");, right ?
andras
@andras:matrix.circl.lu
[m]
something like this rather:
$this->log(json_encode($oidc->requestUserInfo()), "oidc_log");
GV-007
@GV-007
@andras:matrix.circl.lu thanks for the tip, I don't see any roles in the output:
2021-09-29 09:42:40 Info: OIDC: User `{"sub":"59611704","email":"geert.verstrepen@XXX","preferred_username":"XXX","name":"Geert Verstrepen"}` – oidc_log
andras
@andras:matrix.circl.lu
[m]
yeah was stuck on something similar last week with another tool / another idp :)
GV-007
@GV-007
@andras:matrix.circl.lu on OneLogin end, I configured the roles parameter, so not sure why we don't see it...
andras
@andras:matrix.circl.lu
[m]
For what I was stuck on: I also configured the groups/roles in the tool (in my case it was keycloak) but I had to specifically map it so that it would actually show up in the response and the JWT
GV-007
@GV-007
@andras:matrix.circl.lu, many thanks, I'll start now by creating a ticket at OneLogin
Keep you informed
andras
@andras:matrix.circl.lu
[m]
no worries
if it helps:
from keycloak it looked like this:
it's the very last entry that did it
ended up with it being included in the JWT:
3 replies
Matthew
@yaekmj_twitter
Is there a common way to express generic $EmailRecipient rather than leaking users addresses ?
GV-007
@GV-007
@andras:matrix.circl.lu got a reply on my support case that in the request a scope should bedfined:
To allow roles to be sent, you need to set the appropriate scope, see https://developers.onelogin.com/openid-connect/scopes
Brent Murphy
@bm11100

I've got a cron just set up to cache feeds and it has been working fine. I saw the feeds havent been cached lately and when I run /var/www/MISP/app/Console/cake Server cacheFeed 2 all 2>&1 manually I am getting errors like below -

2021-09-29 14:46:41 Notice: Redis::exec(): send of 8192 bytes failed with errno=32 Broken pipe in [/var/www/MISP/app/Model/Feed.php, line 1334]
Notice Error: Redis::exec(): send of 8192 bytes failed with errno=32 Broken pipe in [/var/www/MISP/app/Model/Feed.php, line 1334]

I havent modified the Feed.php file at all, the error in this instance is $pipe->exec();. Has anyone had this issue?

Disk space is not full

Filesystem      Size  Used Avail Use% Mounted on
devtmpfs        7.7G     0  7.7G   0% /dev
tmpfs           7.7G     0  7.7G   0% /dev/shm
tmpfs           7.7G   33M  7.7G   1% /run
tmpfs           7.7G     0  7.7G   0% /sys/fs/cgroup
/dev/nvme0n1p1  500G  9.6G  491G   2% /
tmpfs           1.6G     0  1.6G   0% /run/user/1003
1 reply
cac0ns3c
@cac0ns3c
i delete all the events from MISP using PyMISP but now when i'm trying to get them again from the feeds i'm getting the. error
2021-09-29 20:12:41 Error: Could not save freetext feed data for feed 3.
[Exception] The target event is no longer valid. Make sure that the target event 816 exists.
Stack Trace:
#0 /var/www/MISP/app/Model/Feed.php(1013): Feed->saveFreetextFeedData()
#1 /var/www/MISP/app/Console/Command/ServerShell.php(297): Feed->downloadFromFeedInitiator()
#2 /var/www/MISP/app/Console/Command/AppShell.php(35): ServerShell->fetchFeed()
#3 /var/www/MISP/app/Vendor/kamisama/php-resque-ex/lib/Resque/Job.php(199): AppShell->perform()
#4 /var/www/MISP/app/Vendor/kamisama/php-resque-ex/lib/Resque/Worker.php(278): Resque_Job->perform()
#5 /var/www/MISP/app/Vendor/kamisama/php-resque-ex/lib/Resque/Worker.php(241): Resque_Worker->perform()
#6 /var/www/MISP/app/Vendor/kamisama/php-resque-ex/bin/resque(109): Resque_Worker->work()
#7 /var/www/MISP/app/Vendor/kamisama/php-resque-ex/bin/resque(100): startWorker()
#8 {main}
andras
@andras:matrix.circl.lu
[m]
Edit the feed, remove the id for the fixed event
cac0ns3c
@cac0ns3c
how do i edit the feed ?
andras
@andras:matrix.circl.lu
[m]
Feed index -> edit button on the right
cac0ns3c
@cac0ns3c
image.png
there is no event id, but outside it says fixed id 225
andras
@andras:matrix.circl.lu
[m]
Interesting
Hitting submit on the form should hopefully solve it
cac0ns3c
@cac0ns3c
didn't solve it, also tried creating new event every push
andras
@andras:matrix.circl.lu
[m]
Same error with new events every push?
Btw careful with that setting, don’t leave it on for longer than you absolutely have to
I can have a look at why resetting it doesn’t work tomorrow
cac0ns3c
@cac0ns3c
it doesn't change the fixed id
andras
@andras:matrix.circl.lu
[m]
Need to grab some sleep first though
Could you open an issue on GitHub so i don’t forget?
cac0ns3c
@cac0ns3c
yeah sure, no problem
andras
@andras:matrix.circl.lu
[m]
Cheers
cac0ns3c
@cac0ns3c
@andras:matrix.circl.lu MISP/MISP#7790
cac0ns3c
@cac0ns3c
@andras:matrix.circl.lu found a workaround, delete the feed and reload it :)
cac0ns3c
@cac0ns3c
how do i edit feeds/index.json ?
GV-007
@GV-007

@andras:matrix.circl.lu got a reply on my support case that in the request a scope should bedfined:
To allow roles to be sent, you need to set the appropriate scope, see https://developers.onelogin.com/openid-connect/scopes

@andras:matrix.circl.lu does this ring a bell to you, adding additional scopes for oidc ?

Xebus
@Xebus-Systems
Yo is it possible to reset your MISP configuration back to default?
Xebus
@Xebus-Systems
anyone have an example around how to configure email notifications to work in MISP, i cant find any documentation anywhere for this
Robbie
@Robbie_Smiles_twitter
Hi all! Just a noob question. I’ve tried to install the MISP modules on CentOS 7, Ubuntu 18.04 and Ubuntu 20.04. The later one installs the modules without any errors, CentOS 7 as well as Ubuntu 18.04 stumble and falls because pandas 1.3.2. is a requirement.
I tried several ways to get pandas up to par with 1.3.2. on CentOS 7 but without any success.
Did someone also encountered this issue? Thanks in advance for a reply.
Downloading pandas_ods_reader-0.1.2-py3-none-any.whl (7.6 kB)
ERROR: Could not find a version that satisfies the requirement pandas==1.3.2 (from versions: 0.1, 0.2, 0.3.0, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.5.0, 0.6.0, 0.6.1, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.8.0, 0.8.1, 0.9.0, 0.9.1, 0.10.0, 0.10.1, 0.11.0, 0.12.0, 0.13.0, 0.13.1, 0.14.0, 0.14.1, 0.15.0, 0.15.1, 0.15.2, 0.16.0, 0.16.1, 0.16.2, 0.17.0, 0.17.1, 0.18.0, 0.18.1, 0.19.0, 0.19.1, 0.19.2, 0.20.0, 0.20.1, 0.20.2, 0.20.3, 0.21.0, 0.21.1, 0.22.0, 0.23.0, 0.23.1, 0.23.2, 0.23.3, 0.23.4, 0.24.0, 0.24.1, 0.24.2, 0.25.0, 0.25.1, 0.25.2, 0.25.3, 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5)                                                
ERROR: No matching distribution found for pandas==1.3.2